OLD | NEW |
| (Empty) |
1 <?php | |
2 header('Content-Type: application/javascript'); | |
3 $directive = $_GET['directive']; | |
4 | |
5 if ($directive == 'default') { | |
6 header('Content-Security-Policy: default-src \'self\''); | |
7 | |
8 ?> | |
9 importScripts('worker-testharness.js'); | |
10 importScripts('test-helpers.js'); | |
11 importScripts('../../resources/get-host-info.js'); | |
12 | |
13 var host_info = get_host_info(); | |
14 | |
15 test(function() { | |
16 var import_script_failed = false; | |
17 try { | |
18 importScripts(host_info.HTTP_REMOTE_ORIGIN + | |
19 '/serviceworker/resources/empty.js'); | |
20 } catch(e) { | |
21 import_script_failed = true; | |
22 } | |
23 assert_true(import_script_failed, | |
24 'Importing the other origins script should fail.'); | |
25 }, 'importScripts test for default-src'); | |
26 | |
27 async_test(function(t) { | |
28 fetch(host_info.HTTP_REMOTE_ORIGIN + | |
29 '/serviceworker/resources/fetch-access-control.php?ACAOrigin=*', | |
30 {mode: 'cors'}) | |
31 .then(function(response){ | |
32 assert_unreached('fetch should fail.'); | |
33 }, function(){ | |
34 t.done(); | |
35 }) | |
36 .catch(unreached_rejection(t)); | |
37 }, 'Fetch test for default-src'); | |
38 | |
39 async_test(function(t) { | |
40 var REDIRECT_URL = host_info.HTTP_ORIGIN + | |
41 '/serviceworker/resources/redirect.php?Redirect='; | |
42 var OTHER_BASE_URL = host_info.HTTP_REMOTE_ORIGIN + | |
43 '/serviceworker/resources/fetch-access-control.php?' | |
44 fetch(REDIRECT_URL + encodeURIComponent(OTHER_BASE_URL + 'ACAOrigin=*'), | |
45 {mode: 'cors'}) | |
46 .then(function(response){ | |
47 assert_unreached('Redirected fetch should fail.'); | |
48 }, function(){ | |
49 t.done(); | |
50 }) | |
51 .catch(unreached_rejection(t)); | |
52 }, 'Redirected fetch test for default-src'); | |
53 | |
54 <?php | |
55 | |
56 } else if ($directive == 'script') { | |
57 header('Content-Security-Policy: script-src \'self\''); | |
58 | |
59 ?> | |
60 importScripts('worker-testharness.js'); | |
61 importScripts('test-helpers.js'); | |
62 importScripts('../../resources/get-host-info.js'); | |
63 | |
64 var host_info = get_host_info(); | |
65 | |
66 test(function() { | |
67 var import_script_failed = false; | |
68 try { | |
69 importScripts(host_info.HTTP_REMOTE_ORIGIN + | |
70 '/serviceworker/resources/empty.js'); | |
71 } catch(e) { | |
72 import_script_failed = true; | |
73 } | |
74 assert_true(import_script_failed, | |
75 'Importing the other origins script should fail.'); | |
76 }, 'importScripts test for script-src'); | |
77 | |
78 async_test(function(t) { | |
79 fetch(host_info.HTTP_REMOTE_ORIGIN + | |
80 '/serviceworker/resources/fetch-access-control.php?ACAOrigin=*', | |
81 {mode: 'cors'}) | |
82 .then(function(response){ | |
83 t.done(); | |
84 }, function(){ | |
85 assert_unreached('fetch should not fail.'); | |
86 }) | |
87 .catch(unreached_rejection(t)); | |
88 }, 'Fetch test for script-src'); | |
89 | |
90 async_test(function(t) { | |
91 var REDIRECT_URL = host_info.HTTP_ORIGIN + | |
92 '/serviceworker/resources/redirect.php?Redirect='; | |
93 var OTHER_BASE_URL = host_info.HTTP_REMOTE_ORIGIN + | |
94 '/serviceworker/resources/fetch-access-control.php?' | |
95 fetch(REDIRECT_URL + encodeURIComponent(OTHER_BASE_URL + 'ACAOrigin=*'), | |
96 {mode: 'cors'}) | |
97 .then(function(response){ | |
98 t.done(); | |
99 }, function(){ | |
100 assert_unreached('Redirected fetch should not fail.'); | |
101 }) | |
102 .catch(unreached_rejection(t)); | |
103 }, 'Redirected fetch test for script-src'); | |
104 | |
105 <?php | |
106 | |
107 } else if ($directive == 'connect') { | |
108 header('Content-Security-Policy: connect-src \'self\''); | |
109 | |
110 ?> | |
111 importScripts('worker-testharness.js'); | |
112 importScripts('test-helpers.js'); | |
113 importScripts('../../resources/get-host-info.js'); | |
114 | |
115 var host_info = get_host_info(); | |
116 | |
117 test(function() { | |
118 var import_script_failed = false; | |
119 try { | |
120 importScripts(host_info.HTTP_REMOTE_ORIGIN + | |
121 '/serviceworker/resources/empty.js'); | |
122 } catch(e) { | |
123 import_script_failed = true; | |
124 } | |
125 assert_false(import_script_failed, | |
126 'Importing the other origins script should not fail.'); | |
127 }, 'importScripts test for connect-src'); | |
128 | |
129 async_test(function(t) { | |
130 fetch(host_info.HTTP_REMOTE_ORIGIN + | |
131 '/serviceworker/resources/fetch-access-control.php?ACAOrigin=*', | |
132 {mode: 'cors'}) | |
133 .then(function(response){ | |
134 assert_unreached('fetch should fail.'); | |
135 }, function(){ | |
136 t.done(); | |
137 }) | |
138 .catch(unreached_rejection(t)); | |
139 }, 'Fetch test for connect-src'); | |
140 | |
141 async_test(function(t) { | |
142 var REDIRECT_URL = host_info.HTTP_ORIGIN + | |
143 '/serviceworker/resources/redirect.php?Redirect='; | |
144 var OTHER_BASE_URL = host_info.HTTP_REMOTE_ORIGIN + | |
145 '/serviceworker/resources/fetch-access-control.php?' | |
146 fetch(REDIRECT_URL + encodeURIComponent(OTHER_BASE_URL + 'ACAOrigin=*'), | |
147 {mode: 'cors'}) | |
148 .then(function(response){ | |
149 assert_unreached('Redirected fetch should fail.'); | |
150 }, function(){ | |
151 t.done(); | |
152 }) | |
153 .catch(unreached_rejection(t)); | |
154 }, 'Redirected fetch test for connect-src'); | |
155 | |
156 <?php | |
157 } | |
158 ?> | |
OLD | NEW |